package com.ds.controller.view;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import com.ds.core.Constants;
import com.ds.core.base.AbstractController;
import com.ds.core.config.Resources;
import com.ds.core.exception.LoginException;
import com.ds.core.support.Assert;
import com.ds.core.support.HttpCode;
import com.ds.core.support.login.LoginHelper;
import com.ds.core.util.SecurityUtil;
import com.ds.core.util.WebUtil;
import com.ds.orm.model.User;
import com.ds.service.SysSessionService;
import com.ds.service.UserService;

@Controller
@RequestMapping("/u")
public class Login extends AbstractController{

	
	@Autowired
	private UserService userService;
	@Autowired
	private SysSessionService sysSessionService;
	// 登录
	@PostMapping("/login")
	public Object login(@RequestBody User user, ModelMap modelMap, HttpServletRequest request) {
		Assert.notNull(user.getAccount(), "ACCOUNT");
		Assert.notNull(user.getPassword(), "PASSWORD");
		if (LoginHelper.login(request, user.getAccount(), SecurityUtil.encryptPassword(user.getPassword()))) {
			request.setAttribute("msg", "[" + user.getAccount() + "]登录成功.");
			return setSuccessModelMap(modelMap);
		}
		request.setAttribute("msg", "[" + user.getAccount() + "]登录失败.");
		throw new LoginException(Resources.getMessage("LOGIN_FAIL"));
	}
	
	@RequestMapping(value = "login", method = RequestMethod.GET)
	public ModelAndView login() {
		return new ModelAndView("login");
	}	
	
	// 登出
	@PostMapping("/logout")
	public Object logout(ModelMap modelMap) {
		Long id = WebUtil.getCurrentUser();
		if (id != null) {
			sysSessionService.delete(id);
		}
		SecurityUtils.getSubject().logout();
		return setSuccessModelMap(modelMap);
	}

	// 注册
	@PostMapping("/regist")
	public Object regin(HttpServletRequest request, ModelMap modelMap, @RequestBody User user) {
		Assert.notNull(user.getAccount(), "ACCOUNT");
		Assert.notNull(user.getPassword(), "PASSWORD");
		userService.update(user);
		if (LoginHelper.login(request, user.getAccount(), user.getPassword())) {
			return setSuccessModelMap(modelMap);
		}
		throw new IllegalArgumentException(Resources.getMessage("LOGIN_FAIL"));
	}

	// 没有登录
	@RequestMapping(value = "/unauthorized", method = { RequestMethod.GET, RequestMethod.POST, RequestMethod.PUT })
	public Object unauthorized(ModelMap modelMap, HttpServletRequest request, HttpServletResponse response)
			throws Exception {
		if ("GET".equals(request.getMethod())) {
			response.sendRedirect(Constants.LOGIN_URL);
			return null;
		}
		return setModelMap(modelMap, HttpCode.UNAUTHORIZED);
	}

	// 没有权限
	@RequestMapping(value = "/forbidden", method = { RequestMethod.GET, RequestMethod.POST, RequestMethod.PUT })
	public Object forbidden(ModelMap modelMap) {
		return setModelMap(modelMap, HttpCode.FORBIDDEN);
	}
}
